From 898b5b63c389e9793b891705883fa161f6b4488e Mon Sep 17 00:00:00 2001 From: Michael Kinney Date: Fri, 29 Jan 2016 00:54:32 +0000 Subject: QuarkPlatformPkg: Add Readme.md for QuarkPlatformPkg Add a Readme.md for the QuarkPlatformPkg that describes how to clone, build, boot, debug, and enable/disable features for the Intel(R) Galileo Development Board and the Intel(R) Galileo Gen 2 Development Board. Cc: Kelly Steele Cc: Jiewen Yao Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Michael Kinney Reviewed-by: Kelly Steele git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19764 6f19259b-4bc3-4df7-8a09-765794883524 --- QuarkPlatformPkg/Readme.md | 666 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 666 insertions(+) create mode 100644 QuarkPlatformPkg/Readme.md (limited to 'QuarkPlatformPkg/Readme.md') diff --git a/QuarkPlatformPkg/Readme.md b/QuarkPlatformPkg/Readme.md new file mode 100644 index 0000000000..b48e072ffb --- /dev/null +++ b/QuarkPlatformPkg/Readme.md @@ -0,0 +1,666 @@ +# **EDK II firmware for Intel(R) Quark SoC X1000 based platforms** + +## **Features** +* UEFI firmware image with ability to enable/disable major features such as + - Logging + - Source level debug using [Intel(R) UEFI Development Kit Debugger Tool]( + https://firmware.intel.com/develop/intel-uefi-tools-and-utilities/intel-uefi-development-kit-debugger-tool) + - Boot Performance Measurements + - UEFI Secure Boot with Physical Presence + - TCG Measured Boot using TPM 1.2 hardware devices on I2C bus +* Minimal firmware image for initial power-on and debug +* UEFI Shell built into FLASH image +* UEFI Linux operating system boot support from Micro SD FLASH +* Hardware Support + - [Intel(R) Quark SoC X1000 CPU]( + http://www.intel.com/content/www/us/en/embedded/products/quark/quark-x1000-datasheet.html) + - [Intel(R) Galileo Development Board]( + http://www.intel.com/content/www/us/en/embedded/products/galileo/galileo-g1-datasheet.html) + - [Intel(R) Galileo Gen 2 Development Board]( + http://www.intel.com/content/www/us/en/embedded/products/galileo/galileo-overview.html) + - HPET Timer + - Real Time Clock +* Major I/O Subsystems + - PCI including support for Mini PCI Express Cards + - USB using EHCI and OHCI host controllers + - Micro SD FLASH with FAT file system support + - Serial UART up to 921600 baud for console, logging, and debug +* ACPI Tables with ACPI S3 sleep state support +* SMBIOS Tables + +## **Windows Build Instructions** + +### Pre-requisites + +* GIT client: Available from https://git-scm.com/downloads +* Microsoft Visual Studio. + - Visual Studio 2015 recommended and is used in the examples below. +* Microsoft Windows Driver Development Kit 3790.1830 + - http://download.microsoft.com/download/9/0/f/90f019ac-8243-48d3-91cf-81fc4093ecfd/1830_usa_ddk.iso + - Mount ISO image + - Right click on ```x86\kitsetup.exe``` & choose **Run as administrator** + - Install to C:\WINDDK\3790.1830 + - Uncheck all Component Groups + - Expand Build Environment Component + - Check Windows Driver Development Kit 16-bit Additional Build Tools + - Install +* ASL compiler: Available from http://www.acpica.org + - Install into ```C:\ASL``` to match default tools_def.txt configuration. + +Create a new directory for an EDK II WORKSPACE. + +The code block below shows the GIT clone operations required to pull the EDK II +source tree, the FatPkg sources, the pre-built versions of BaseTools as WIN32 +binaries, and the edk2-non-osi repository that provides a binary file for the +Quark Remote Management Unit (RMU). + +Next it sets environment variables that must be set before running +```edksetup.bat```. Since content is being pulled from multiple repositories, +the EDK II [Multiple Workspace]( +https://github.com/tianocore/tianocore.github.io/wiki/Multiple_Workspace) +feature is used. + +Next, the ```edksetup.bat``` file is run to complete the initialization of an +EDK II build environment. Two example build commands are shown. The first one +in ```QuarkPlatformPlg/Quark.dsc``` builds a full UEFI firmware image that is +able to boot the built-in UEFI Shell and Linux from a micro SD FLASH card. The +second one in ```QuarkPlatformPkg/QuarkMin.dsc``` builds a minimal firmware +image that is useful for initial power-on and debug of new features. + +```cmd +git clone https://github.com/tianocore/edk2.git +git clone https://github.com/tianocore/edk2-FatPkg.git FatPkg +git clone https://github.com/tianocore/edk2-BaseTools-win32.git +git clone https://github.com/tianocore/edk2-non-osi.git + +set WORKSPACE=%CD% +set PACKAGES_PATH=%WORKSPACE%\edk2;%WORKSPACE%\edk2-non-osi +set EDK_TOOLS_BIN=%WORKSPACE%\edk2-BaseTools-win32 + +cd edk2 +edksetup.bat + +build -a IA32 -t VS2015x86 -p QuarkPlatformPkg/Quark.dsc +build -a IA32 -t VS2015x86 -p QuarkPlatformPkg/QuarkMin.dsc +``` + +## **Linux Build Instructions** + +### Pre-requisites + +* GIT client +* GCC 4.9 compiler +* ASL compiler: Available from http://www.acpica.org. + +Create a new directory for an EDK II WORKSPACE. + +The code block below shows the GIT clone operations required to pull the EDK II +source tree, the FatPkg sources, and the edk2-non-osi repository that provides a +binary file for the Quark Remote Management Unit (RMU). + +Next it sets environment variables that must be set before running +```edksetup.bat```. Since content is being pulled from multiple repositories, +the EDK II [Multiple Workspace]( +https://github.com/tianocore/tianocore.github.io/wiki/Multiple_Workspace) +feature is used. + +Next, the EDK II BaseTools required to build firmware images are built. + +Next, the ```edksetup.bat``` file is run to complete the initialization of an +EDK II build environment. Two example build commands are shown. The first one +in ```QuarkPlatformPlg/Quark.dsc``` builds a full UEFI firmware image that is +able to boot the built-in UEFI Shell and Linux from a micro SD FLASH card. The +second one in ```QuarkPlatformPkg/QuarkMin.dsc``` builds a minimal firmware +image that is useful for initial power-on and debug of new features. + +```sh +git clone https://github.com/tianocore/edk2.git +git clone https://github.com/tianocore/edk2-FatPkg.git FatPkg +git clone https://github.com/tianocore/edk2-non-osi.git + +export WORKSPACE=$PWD +export PACKAGES_PATH=$WORKSPACE/edk2:$WORKSPACE/edk2-non-osi +export EDK_TOOLS_PATH=$WORKSPACE/edk2/BaseTools + +make -C edk2/BaseTools + +cd $WORKSPACE/edk2 + +. edksetup.sh BaseTools + +build -a IA32 -t GCC49 -p QuarkPlatformPkg/Quark.dsc +build -a IA32 -t GCC49 -p QuarkPlatformPkg/QuarkMin.dsc +``` + +## **Build Features** + +The table below contains a summary of the build flags to enable or disable +features on the build command line using ```-D``` flags. + +| **Define Name** | **Default Value** | **Supported Values** | +| -------------------------- | ----------------- | -------------------- | +| ```GALILEO``` | GEN2 | GEN1, GEN2 | +| ```LOGGING``` | TRUE | TRUE, FALSE | +| ```SOURCE_DEBUG_ENABLE``` | FALSE | TRUE, FALSE | +| ```PERFORMANCE_ENABLE``` | FALSE | TRUE, FALSE | +| ```SECURE_BOOT_ENABLE``` | FALSE | TRUE, FALSE | +| ```MEASURED_BOOT_ENABLE``` | FALSE | TRUE, FALSE | +| ```TPM_12_HARDWARE``` | NONE | NONE, LPC, ATMEL_I2C, INFINEON_I2C | + +* ```GALILEO``` - Used to specify the type of Intel(R) Galileo board type. The + default is ```GEN2``` for the [Intel(R) Galileo Gen 2 Development Board]( + http://www.intel.com/content/www/us/en/embedded/products/galileo/galileo-overview.html). + The other supported value is ```GEN1``` for the [Intel(R) Galileo Development Board]( + http://www.intel.com/content/www/us/en/embedded/products/galileo/galileo-g1-datasheet.html). + Add ```-D GALILEO=GEN1``` to the build command for [Intel(R) Galileo Development Board]( + http://www.intel.com/content/www/us/en/embedded/products/galileo/galileo-g1-datasheet.html). + +* ```LOGGING``` - Used to enable/disable logging messages from DEBUG() macros to + a serial UART. The default is TRUE for enabled when the BUILDTARGET is DEBUG + (```-b DEBUG```). The default is FALSE for disabled when the BUILDTARGET is + not DEBUG (e.g. ```-b RELEASE```). Add ```-D LOGGING``` to the build command + to force logging enabled. Add ```-D LOGGING=FALSE``` to force logging + disabled. + +* ```SOURCE_DEBUG_ENABLE``` - Used to enable/disable source level debug using the + [Intel(R) UEFI Development Kit Debugger Tool]( + https://firmware.intel.com/develop/intel-uefi-tools-and-utilities/intel-uefi-development-kit-debugger-tool). + The default is FALSE for disabled. Add ```-D SOURCE_DEBUG_ENABLE``` to the + build command line to enable source level debug. + +* ```PERFORMANCE_ENABLE``` - Used to enable/disable boot performance measurement. + The default is FALSE for disabled. Add ```-D PERFORMANCE_ENABLE``` to the + build command line to enable boot performance measurement. When this feature + is enabled, both ```LOGGING``` and ```SOURCE_DEBUG_ENABLE``` are automatically + disabled so there is not boot time overhead from the serial UART for logging + messages or the debug agent. + +* ```SECURE_BOOT_ENABLE``` - Used to enable/disable UEFI Secure Boot features. + The default is FALSE for disabled. Add ```-D SECURE_BOOT_ENABLE``` to the + build command line to enable UEFI Secure Boot features. + +* ```MEASURED_BOOT_ENABLE``` - Used to enable/disable measurement of firmware + code and data into a TPM 1.2 hardware device. The default is FALSE for + disabled. Add ```-D MEASURED_BOOT_ENABLE``` to the build command line to + enable UEFI Secure Boot features. + +* ```TPM_12_HARDWARE``` - Used to specify the type of TPM 1.2 hardware device + that is connected to the Galileo board. This define is valid if the measure + boot feature is enabled using ```-D MEASURED_BOOT_ENABLE```. The default is + NONE for no TPM 1.2 hardware device connected. Add ```-D TPM_12_HARDWARE=LPC``` + for a TPM hardware device attached to an LPC bus (not supported on on Intel(R) + Quark SoC X1000). Add ```-D TPM_12_HARDWARE=ATMEL_I2C``` for an + [Atmel AT97SC3204T](http://www.atmel.com/devices/AT97SC3204T.aspx) or + [Atmel AT97SC3205T](http://www.atmel.com/images/atmel-8883s-tpm-at97sc3205t-datasheet-summary.pdf) + attached to the I2C bus of the Galileo Arduino header. Add + ```-D TPM_12_HARDWARE=INFINION_I2C``` for an [Infineon SLB9645]( + http://www.infineon.com/dgdl/Infineon-TPM+SLB+9645-DS-v01_00-EN.pdf?fileId=5546d4625185e0e201518b83d0c63d7c) + attached to the I2C bus of the Galileo Arduino header. The ATMEL_I2C setting + has been tested with the [CryptoShield](https://www.sparkfun.com/products/13183) + available from [SparkFun](https://www.sparkfun.com/). + + +### **Example Build Commands** + +Default build with logging enabled: + +```build -a IA32 -t VS2015x86 -p QuarkPlatformPkg/Quark.dsc``` + +Release build with logging disabled: + +```build -a IA32 -t VS2015x86 -p QuarkPlatformPkg/Quark.dsc -b RELEASE``` + +Enable source level debugging: + +```build -a IA32 -t VS2015x86 -p QuarkPlatformPkg/Quark.dsc -D SOURCE_DEBUG_ENABLE``` + +Enable boot performance metrics: + +```build -a IA32 -t VS2015x86 -p QuarkPlatformPkg/Quark.dsc -D PERFORMANCE_ENABLE``` + +Enable UEFI Secure Boot features: + +```build -a IA32 -t VS2015x86 -p QuarkPlatformPkg/Quark.dsc -D UEFI_SECURE_BOOT``` + +Enable UEFI Secure Boot and Measured Boot using Atmel I2C TPM hardware device: + +```build -a IA32 -t VS2015x86 -p QuarkPlatformPkg/Quark.dsc -D UEFI_SECURE_BOOT +-D MEASURED_BOOT_ENABLE -D TPM_12_HARDWARE=ATMEL_I2C``` + +## **FLASH Update using DediProg SF100** + +Once the sources have been downloaded, an EDK II build environment established, +and an EDK II firmware image has been built, the EDK II firmware image needs to +installed into the FLASH device on the target Galileo development board. One +way to do this is with the [Dediprog SF100 IC Programmer]( +http://www.dediprog.com/pd/spi-flash-solution/SF100). + +* Install the DediProg SF100 software. + +* Connect the DediProg SF100 to the Galileo development board. + + ![](http://www.tianocore.org/Projects/QuarkPlatformPkg/Images/Dediprog.jpg) + +* Make sure ```dpcmd.exe``` is in ```PATH``` + + ```PATH=%PATH%;"c:\Program Files (x86)\DediProg\SF100"``` + +* **NOTE**: It is recommended that the FLASH image that was shipped with the + Galileo development board be read and saved before updating FLASH image. The + command shown below read the FLASH image and saves it to the file + called ```GalileoOriginalFirmware.bin```. + + ```dpcmd.exe -r GalileoOriginalFirmware.bin``` + +* Update FLASH image using either the DediProg SF100 GUI or ```dpcmd.exe```. + - Example update of Galileo firmware image when BUILDTARGET is DEBUG (default) + + ```dpcmd.exe -u%WORKSPACE%\Build\Quark\DEBUG_VS2015x86\FV\QUARK.fd ``` + + - Example update of Galileo firmware image when BUILDTARGET is RELEASE + (```-b RELEASE```) + + ```dpcmd.exe -u%WORKSPACE%\Build\Quark\RELEASE_VS2015x86\FV\QUARK.fd ``` + +## **Setting up a Serial Console and Booting to UEFI Shell** + +After the FLASH is updated on Galileo, a serial cable is connected between the +host system and the Galileo target. A serial terminal emulator (such as +[Tera Term](https://en.osdn.jp/projects/ttssh2/releases/)) can be used to see +the logging messages from DEBUG() macros and the serial console for the UEFI +Boot Manager, UEFI Shell, and operating system. + +The default serial communication parameters for the Intel(R) Galileo Gen 2 +Development Board is 921600,n,8,1 with no hardware flow control. + +![](http://www.tianocore.org/Projects/QuarkPlatformPkg/Images/TeraTermSerialParameters.png) + +The default serial communication parameters for the Intel(R) Galileo Development +Board is 461800,n,8,1 with no hardware flow control. + +The following changes to the [Tera Term](https://en.osdn.jp/projects/ttssh2/releases/) +configuration files are recommended for UEFI serial console compatibility. +Some of the later use cases involve using the TCPIP mode, so some of these +recommendation apply to the TCPIP use cases. + +* TERATERM.INI - Set terminal size to 80 x 25 and terminal settings to UTF8. + +![](http://www.tianocore.org/Projects/QuarkPlatformPkg/Images/TeraTermTerminal.png) + +* TERATERM.INI - Set font type to Terminal to support box drawing glyphs. + +![](http://www.tianocore.org/Projects/QuarkPlatformPkg/Images/TeraTermFont.png) + +* TERATERM.INI - Disable line mode to make TCPIP mode work like COM port mode. + +```ini +; Line at a time mode +EnableLineMode=off +``` + +* KEYBOARD.CNF - Disable VT function keys for F5..F10 + +```ini +[VT function keys] +;F6 key +;F6=64 +;F7 key +;F7=65 +;F8 key +;F8=66 +;F9 key +;F9=67 +;F10 key +;F10=68 +``` + +* KEYBOARD.CNF - Disable X function keys for F1..F4 + +```ini +[X function keys] +; F1 key +XF1=off +; F2 key +;XF2=60 +XF2=off +; F3 key +;XF3=61 +XF3=off +; F4 key +;XF4=62 +XF4=off +; F5 key +;XF5=63 +``` + +* KEYBOARD.CNF - Add UEFI serial console sequences for F1..F10 + +```ini +[User keys] +User1=59,0,$1B[M +User2=60,0,$1B[N +User3=61,0,$1B[O +User4=62,0,$1B[P +User5=63,0,$1B[Q +User6=64,0,$1B[R +User7=65,0,$1B[S +User8=66,0,$1B[T +User9=67,0,$1B[U +User10=68,0,$1B[V +``` + +Connect power adapter to Galileo development board, and the logging messages +should be seen, followed by 5 second countdown, followed by an automatic boot to +the built-in UEFI Shell. + +![](http://www.tianocore.org/Projects/QuarkPlatformPkg/Images/UefiShell.png) + +## **Source Level Debug Using Intel(R) UEFI Development Kit Debugger Tool** + +### Pre-requisites + +* Intel(R) UEFI Development Kit Debugger Tool User Manual for Ver 1.5 or higher: + Available from https://firmware.intel.com/develop/intel-uefi-tools-and-utilities/intel-uefi-development-kit-debugger-tool +* Intel(R) UEFI Development Kit Debugger Tool Ver 1.5 or higher: Available from + https://firmware.intel.com/develop/intel-uefi-tools-and-utilities/intel-uefi-development-kit-debugger-tool +* [Tera Term](https://en.osdn.jp/projects/ttssh2/releases/) or other serial + terminal emulator with TCPIP support + +Follow instructions in Intel(R) UEFI Development Kit Debugger Tool User manual +to setup host system. + +Build a firmware image with SOURCE_DEBUG_ENABLE enabled +(```-D SOURCE_DEBUG_ENABLE```). This will select the appropriate libraries, +debug agent, and PCDs for Galileo. Galileo does not support a USB 2.0 debug +port, so only the UART based communications library is used. + +Use Dediprog SF100 to update the Galileo development board FLASH image. + +Update the ```[Debug Port]``` section of the SoftDebugger.ini file with the host +side UART configuration settings. The following example uses COM5, which must +be updated with the COM port the Galileo target is attached. The following +example also shows a baud rate of 921600 which is correct for a Galileo Gen 2. +If a Galileo Gen 1 is being used, set the baud rate to 460800. By default, the +Galileo console is redirected to TCPIP port 20715. + +```ini +[Debug Port] +Channel = Serial +Port = COM5 +FlowControl = 0 +BaudRate = 921600 +Server = +``` + +Connect power adapter to Galileo development board and run a command script with +the contents below to start a Tera Term session on TCPIP port 20715 and start +the Intel(R) UEFI Development Kit Debugger Tool using UART connection between +the host and target and WinDbg. The REBOOT button on the Galileo development +board may need to be pressed for the debugger to perform the initial connect. + +```cmd +start "Console" /B "c:\Program Files (x86)\teraterm\ttermpro.exe" localhost:20715 /nossh +start "Debugger" /B "C:\Program Files (x86)\Intel\Intel(R) UEFI Development Kit Debugger Tool\eXdi.exe" /LaunchWinDbg +``` + +The figure below should be seen when a connection is made. The SoftDebugger +Debug Console window shows the status of the connection between the host and the +target. The Tera Term window shows the console output from the SEC phase until +the debug agent is initialized. The WinDbg window shows that the debugger is +connected and the WinDbg application can be used for run control, breakpoint +management, and viewing call stacks, local variables, global variables, etc. + +![](http://www.tianocore.org/Projects/QuarkPlatformPkg/Images/UdkDebugger.png) + +## **Debug Using Intel(R) System Debugger using OpenOCD** + +Setup hardware and software components following the instructions in the article at: +https://software.intel.com/en-us/articles/using-intel-system-debugger-with-openocd + +Connect power adapter to Galileo development board. + +The following batch file starts Tera Term serial console on COM5 at 921600 baud, +starts OpenOCD using a Flyswatter2, and starts Intel(R) System Studio Debugger. +Select the **Connect** button to complete the host to target connection. + +```cmd +set OPENOCD="C:\Program Files (x86)\IntelSWTools\system_studio_for_windows_2016.0.023\debugger\openocd" +start "Console" /B "c:\Program Files (x86)\teraterm\ttermpro.exe" /C=5 /BAUD=921600 +start "OpenOcd" /B %OPENOCD%\bin\openocd.exe -f ..\scripts\interface\ftdi\flyswatter2.cfg -f ..\scripts\board\quark_x10xx_board.cfg +call "C:\Program Files (x86)\IntelSWTools\System Debugger 2016\system_debugger\start_xdb_gdb_remote.bat" +``` + +When **Reset Target** is selected, the Galileo development board does not always +halt at the first instruction at the reset vector. If debug is required from +the first instruction of the reset vector, then update the file +```UefiCpuPkg/SecCore/Ia32/ResetVector.asm``` and change the two NOP +instructions at the label ```ResetHandler:``` to ```JMP $```. This puts the CPU +into a wait loop until the debugger is connected and the debugger is used to set +instruction pointer to the next instruction. + +``` +; +; For IA32, the reset vector must be at 0xFFFFFFF0, i.e., 4G-16 byte +; Execution starts here upon power-on/platform-reset. +; +ResetHandler: +; nop +; nop + jmp $ +ApStartup: + ; + ; Jmp Rel16 instruction + ; Use machine code directly in case of the assembler optimization + ; SEC entry point relative address will be fixed up by some build tool. + ; + ; Typically, SEC entry point is the function _ModuleEntryPoint() defined in + ; SecEntry.asm + ; + DB 0e9h + DW -3 +``` + +## **Install, Configure, and Boot Linux** + +* Download SD Card Linux Image: Available at + http://www.intel.com/content/www/us/en/support/boards-and-kits/intel-galileo-boards/000005614.html +* Extract the SD Card Linux Image to a FAT formatted Micro SD FLASH device +* Install Micro SD FLASH device into Galileo development board + +Connect power adapter to Galileo development board and boot to the UEFI Shell. + +From the UEFI Shell execute the following commands to copy the GRUB EFI boot +loader to ```\efi\boot\bootia32.efi```. This allows the UEFI Boot Manager, on +all future boots, to auto detect that the Micro SD FLASH device is bootable. + +``` +Shell> connect -r +Shell> map -r +Shell> fs0: +FS0:> mkdir efi +FS0:> mkdir efi\boot +FS0:> cp grub.efi efi\boot\bootia32.efi +``` + +The GRUB boot loader is set to a UART baud rate of 115200. A couple changes are +required to change the baud rate to 460800 for Galileo Gen 1 or 921600 for +Galileo Gen 2. From the UEFI Shell, execute the following commands to make a +backup copy and edit the GRUB configuration file. + +``` +FS0:> cp boot\grub\grub.conf boot\grub\grub.conf.org +FS0:> edit boot\grub\grub.conf +``` + +* Delete the lines associated with the boot option with the following title. + +``` +title Clanton SVP kernel-SPI initrd-SPI IMR-On IO-APIC/HPET NoEMU +``` + +* Replace the two instances of 115200 in the following line to 460800 for + Galileo Gen 1 or 921600 for Galileo Gen 2. + +``` +kernel /bzImage root=/dev/ram0 console=ttyS1,115200n8 earlycon=uart8250,mmio32,$EARLY_CON_ADDR_REPLACE,115200n8 reboot=efi,warm apic=debug rw LABEL=boot debugshell=5 rootimage=image-full-galileo-clanton.ext3 +``` +* Press F3 to save the file +* Run the ```exit``` command to exit from the UEFI Shell and return to the + UEFI Boot Manager +* Select **Boot Manager** +* Select **UEFI Misc Device** for the Micro SD FLASH device. +* GRUB should run and Linux should boot with serial log messages. +* When the serial log messages stop, change the Tera Term baud rate to 115200 +* Login as ```root```. No password is required. +* Use ```vi``` to edit ```/etc/inittab``` +* Change the baud rate of ttyS1 from 115200 to 460800 for Galileo Gen 1 or + 921600 for Galileo Gen 2. The line that need to be updated is shown below + +``` +S:2345:respawn:/sbin/getty 115200 ttyS1 +``` + +* Save the updated ```/etc/inittab``` +* Run ```reboot -f``` to shutdown Linux and reboot the platform. +* Set the Tera Term baud rate back to 460800 for Galileo Gen 1 or 921600 for + Galileo Gen 2. + +After these changes both the EDK II firmware and the Linux operating system use +the same baud rate. + +### **Testing ACPI S3 Sleep** + +The ACPI S3 Sleep and Resume feature can be tested on a Galileo development +board using the Real Time Clock (RTC) for a wake event. The shell script shown +below arms the RTC wake alarm 10 seconds in the future and puts the system to +sleep. A shorter time in seconds can be passed in as the first argument to the +script, but do not use times shorter than 2 or 3 seconds. + +**NOTE**: The stmmac module is unloaded because the module is not compatible +with S3 resume. + +```sh +# +# Unload NIC driver that causes S3 to fail +# +rmmod stmmac + +# +# Disable RTC wake alarm +# +echo 0 > /sys/class/rtc/rtc0/wakealarm + +# +# Compute wake time that is $1 seconds in the future +# +let WakeTime=`date '+%s'` +echo $WakeTime +if ["$1" = ""]; then + let WakeTime=$WakeTime+10 +else + let WakeTime=$WakeTime+$1 +fi +echo $WakeTime + +# +# Enable RTC wake alarm $1 seconds in the future +# +echo $WakeTime > /sys/class/rtc/rtc0/wakealarm + +# +# Put systems into ACPI S3 sleep state +# +echo mem > /sys/power/state +``` + +## **UEFI Secure Boot Feature and Physical Presence** + +Build a firmware image with SECURE_BOOT_ENABLE enabled +(```-D SECURE_BOOT_ENABLE```). This builds in support for UEFI authenticated +variables, UEFI image verification, and UEFI Secure Boot configuration screens +in the Device Manager. In order to change the UEFI Secure Boot configuration, +the user must assert physical presence. The Galileo development board only has +two push buttons (REBOOT and RESET). The REBOOT button unconditionally reboots +the platform. The RESET button asserts the reset signal on the Arduino header +and is also connected to a GPIO pin, so the state of the RESET button can be +read. The user asserts physical presence by holding the RESET button while the +Galileo development board boots, or by holding the RESET button while selecting +the **Secure Boot Configuration** option in the Device Manager. + +Use Dediprog SF100 to update the Galileo development board FLASH image. + +Connect power adapter to Galileo development board and boot to the UEFI Boot +Manager by pressing F2 or running the ```exit``` command from the UEFI Shell. +Select **Device Manager** and then**Secure Boot Configuration**. Change +**Customize Secure Boot** to **Customized** and then select **Custom Secure Boot +Options**. If **Custom Secure Boot Options** can not be selected, then physical +presence was not asserted using one of two methods listed above. Assert +physical presence and try again. + +The **Custom Secure Boot Options** screen allows the Galileo development board +to be enrolled into UEFI Secure Boot. See [How to Sign UEFI Drivers & Application V1.31]( +http://sourceforge.net/projects/edk2/files/General%20Documentation/SigningUefiImages%20-v1dot31.pdf/download) +in the [SecurityPkg Wiki](https://github.com/tianocore/tianocore.github.io/wiki/SecurityPkg) +for details on how to complete the UEFI Secure Boot enrollment. + +## **Enable Measured Boot Feature using Atmel I2C TPM on CryptoShield** + +Build a firmware image with MEASURED_BOOT_ENABLE enabled +(```-D MEASURED_BOOT_ENABLE```) and TPM_12_HARDWARE set to ATMEL_I2C +(```-D TMP_12_HARDWARE=ATMEL_I2C```). This builds in the TCG PEIM and DXE +modules and uses the library for the Atmel I2C TPM hardware device. + +Use Dediprog SF100 to update the Galileo development board FLASH image. + +Attach the CryptoShield to the Arduino header of the Galileo development board +as shown below. + +![](http://www.tianocore.org/Projects/QuarkPlatformPkg/Images/GalileoCryptoShield.jpg) + +Connect power adapter to Galileo development board and boot to the UEFI Shell. +In the boot logging messages, messages similar to the following should be seen +as the Atmel I2C TPM hardware device is detected and used to measure the +contents of firmware volumes and firmware tables. + +``` +Loading PEIM at 0x0000FC75188 EntryPoint=0x0000FC75260 TrEEConfigPei.efi +PROGRESS CODE: V03020002 I0 +TrEEConfiguration.TpmDevice from Setup: 1 +DetectTpmDevice: +TpmDevice final: 1 +TpmDevice PCD: 8B01E5B6-4F19-46E8-AB93-1C53671B90CC +. . . +Loading PEIM at 0x0000FC70190 EntryPoint=0x0000FC70260 TcgPei.efi +PROGRESS CODE: V03020002 I0 +Install PPI: E9DB0D58-D48D-47F6-9C6E-6F40E86C7B41 +Install PPI: A030D115-54DD-447B-9064-F206883D7CCC +PROGRESS CODE: V03020003 I0 +The FV which is measured by TcgPei starts at: 0xFFF10000 +The FV which is measured by TcgPei has the size: 0xF0000 +The FV which is measured by TcgPei starts at: 0xFFD00000 +The FV which is measured by TcgPei has the size: 0x1E0000 +. . . +Loading driver at 0x0000F620000 EntryPoint=0x0000F620260 TcgDxe.efi +. . . +TPM TcgDxe Measure Data when ReadyToBoot +``` +See the [SecurityPkg Wiki](https://github.com/tianocore/tianocore.github.io/wiki/SecurityPkg) +for additional details on EDK II TPM support + +## **Measuring Boot Performance** + +Build a firmware image with PERFORMANCE_ENABLE enabled +(```-D PERFORMANCE_ENABLE```). This builds in the UEFI Shell and the DP.EFI +(Dump Performance) into a firmware volume and also includes a simple file system +driver for firmware volumes so the DP.EFI command can be run out of the FLASH. + +Use Dediprog SF100 to update the Galileo development board FLASH image. + +Connect power adapter to Galileo development board and let it boot to the UEFI +Shell. Then use the REBOOT button or the ```reset``` UEFI Shell command to +reboot the Galileo development board. The first boot after a FLASH update does +extra work that is only performed one time. In order to get correct performance +measurements, use the 2nd or later boots. After the 2nd boot, run the +```dp -s``` command. The output should look similar to the figure below. + +![](http://www.tianocore.org/Projects/QuarkPlatformPkg/Images/DpCommand.png) -- cgit v1.2.3